Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,794
Maven
5,000+
npm
4,402
NuGet
772
pip
4,179
Pub
12
RubyGems
965
Rust
1,075
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,261 advisories

Loading
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability... High Unreviewed
CVE-2020-36910 was published Jan 6, 2026
Multiple D-Link DSL gateway devices contain a command injection vulnerability in the dnscfg.cgi... Critical Unreviewed
CVE-2026-0625 was published Jan 6, 2026
In the backup parameters, a user with high privilege is able to concatenate custom instructions... High Unreviewed
CVE-2025-5965 was published Jan 5, 2026
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2025-64124 was published Jan 3, 2026
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2025-64120 was published Jan 3, 2026
Signal K Server has Unauthenticated State Pollution leading to Remote Code Execution (RCE) Critical
CVE-2025-66398 was published for signalk-server (npm) Jan 2, 2026
Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution... High Unreviewed
CVE-2015-10145 was published Dec 31, 2025
Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the... High Unreviewed
CVE-2021-47745 was published Dec 31, 2025
meterN 1.2.3 contains an authenticated remote code execution vulnerability in admin_meter2.php... High Unreviewed
CVE-2021-47747 was published Dec 31, 2025
VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing... High Unreviewed
CVE-2025-15389 was published Dec 31, 2025
VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing... High Unreviewed
CVE-2025-15388 was published Dec 31, 2025
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an authenticated command injection vulnerability in... High Unreviewed
CVE-2022-50793 was published Dec 31, 2025
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a command injection vulnerability that allows local... High Unreviewed
CVE-2022-50789 was published Dec 31, 2025
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated command injection... Critical Unreviewed
CVE-2022-50794 was published Dec 31, 2025
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that... High Unreviewed
CVE-2022-50795 was published Dec 31, 2025
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that... High Unreviewed
CVE-2022-50791 was published Dec 31, 2025
Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the... High Unreviewed
CVE-2005-10004 was published Dec 26, 2025
OpenOps before 0.6.11 allows remote code execution in the Terraform block. High Unreviewed
CVE-2025-68922 was published Dec 25, 2025
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution... High Unreviewed
CVE-2019-25255 was published Dec 24, 2025
FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php... High Unreviewed
CVE-2019-25243 was published Dec 24, 2025
Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to... High Unreviewed
CVE-2018-25143 was published Dec 24, 2025
Under certain circumstances a successful exploitation could result in access to the device. High Unreviewed
CVE-2025-43875 was published Dec 24, 2025
Under certain circumstances a successful exploitation could result in access to the device. High Unreviewed
CVE-2025-43876 was published Dec 24, 2025
IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2025-14500 was published Dec 24, 2025
DreamFactory saveZipFile Command Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-13700 was published Dec 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database